MDKSA-2003:062

Problem description

A Denial of Service (DoS) vulnerability was discovered in the CUPS
printing system by Phil D'Amore of Red Hat. The IPP (Internet Printing
Protocol) that CUPS uses is single-threaded and can only service one
request at a time. A malicious user could create a partial request
that does not time out and cause a Denial of Service condition where
CUPS will not respond to other printing requests. This can only be
done if the malicious user can create a TCP connection to the IPP
port (631 by default).
This vulnerability has been fixed upstream in CUPS 1.1.19 and packages
of previous versions have been fixed to correct the problem.